You can configure your endpoints to communicate with Symantec Endpoint Detection and Response via the private cloud setting in SEPM. Click the link below to learn more about how to configure endpoints to connect with Symantec EDR via the console.
If you upgrade to Symantec EDR 3.0 or later and want to preserve legacy behavior, your endpoints must be configured to connect through HTTP 8080 or HTTP 8443. If you use the SEP proxy and want to take advantage of EDR 2.0 functionality, use HTTPS 443. Important: Enrolled endpoints are disconnected when you re-configure these ports. However, the endpoint enrollment status does not appear changed in the console. If you reconfigure the SEPM ports, you must re-enroll your SEP endpoints with Symantec EDR.
When you redeploy Symantec EDR without removing the SEPM Controller, endpoints remain in an enrolled state. However, if you remove Symantec EDR from SEPM's group settings, the endpoint are technically unenrolled. There is no longer a connection between endpoints and Symantec EDR.
To configure endpoints in SEPM to communicate with Symantec EDR
Log into SEPM.
Click Clients, then select the group that you want to configure.
In SEP, you can set policies on a per-computer or on a group basis. For more information about setting up groups, see the SEP documentation.
For the desired computers or groups, go to the Policies tab and click External Communications Settings.
On the External Communications Settings dialog, click the Private Cloud tab.
Check Enable private servers to manage my data, and then click Use Symantec EDR servers for Insight lookups and submissions.
Check Use Symantec servers when private servers are not available.
Click Add>> and select New server.
In the Add Server dialog box, specify the URL and port number of the EDR appliance console.
The default protocol and port are HTTP and port 8080. Before selecting the HTTPS protocol, read the following topic: